nfc-mfclassic: detect 2K MFP via RATS
Philippe Teuwen
11 years ago
260 | 260 | return true; |
261 | 261 | } |
262 | 262 | |
263 | static int | |
264 | get_rats(void) | |
265 | { | |
266 | int res; | |
267 | uint8_t abtRats[2] = { 0xe0, 0x50}; | |
268 | // Use raw send/receive methods | |
269 | if (nfc_device_set_property_bool(pnd, NP_EASY_FRAMING, false) < 0) { | |
270 | nfc_perror(pnd, "nfc_configure"); | |
271 | return -1; | |
272 | } | |
273 | res = nfc_initiator_transceive_bytes(pnd, abtRats, sizeof(abtRats), abtRx, sizeof(abtRx), 0); | |
274 | if (res > 0) { | |
275 | // ISO14443-4 card, turn RF field off/on to access ISO14443-3 again | |
276 | nfc_device_set_property_bool(pnd, NP_ACTIVATE_FIELD, false); | |
277 | nfc_device_set_property_bool(pnd, NP_ACTIVATE_FIELD, true); | |
278 | } | |
279 | // Reselect tag | |
280 | if (nfc_initiator_select_passive_target(pnd, nmMifare, NULL, 0, &nt) <= 0) { | |
281 | printf("Error: tag disappeared\n"); | |
282 | nfc_close(pnd); | |
283 | nfc_exit(context); | |
284 | exit(EXIT_FAILURE); | |
285 | } | |
286 | return res; | |
287 | } | |
288 | ||
263 | 289 | static bool |
264 | 290 | read_card(int read_unlocked) |
265 | 291 | { |
557 | 583 | // 320b |
558 | 584 | uiBlocks = 0x13; |
559 | 585 | else |
560 | // 1K | |
561 | // TODO: for MFP it is 0x7f (2K) but how to be sure it's a MFP? Try to get RATS? | |
586 | // 1K/2K, checked through RATS | |
562 | 587 | uiBlocks = 0x3f; |
588 | // Testing RATS | |
589 | int res; | |
590 | if ((res = get_rats()) > 0) { | |
591 | if ((res >= 10) && (abtRx[5] == 0xc1) && (abtRx[6] == 0x05) | |
592 | && (abtRx[7] == 0x2f) && (abtRx[8] == 0x2f) | |
593 | && ((nt.nti.nai.abtAtqa[1] & 0x02) == 0x00)) { | |
594 | // MIFARE Plus 2K | |
595 | uiBlocks = 0x7f; | |
596 | } | |
597 | } | |
563 | 598 | printf("Guessing size: seems to be a %i-byte card\n", (uiBlocks + 1) * 16); |
564 | 599 | |
565 | 600 | if (bUseKeyFile) { |